Re: TrueCrypt and Windows Hibernate feature

[Eric Case <eric () ERICCASE COM>]

It is just a twist on the "Cold Boot" attack.  As Bruce Schneier said, "As
soon as you give up physical control of your computer, all bets are off
[http://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html].";

-Eric

 

 

Eric Case, CISSP

eric (at) ericcase (dot) com

http://www.linkedin.com/in/ericcase

(520) 344-CISO (2476)

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Smith, Bob
Sent: Friday, December 10, 2010 4:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] TrueCrypt and Windows Hibernate feature

 

Wondering if anyone had seen this article and what impact, if any, it will
have on your use of TrueCrypt?

 

http://www.securityweek.com/microsoft-windows-sleep-feature-poses-security-r
isk?utm_source=feedburner
<http://www.securityweek.com/microsoft-windows-sleep-feature-poses-security-
risk?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek
+%28SecurityWeek%29>
&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek%29

 

We just implemented the campus-wide use of TrueCrypt, but for select
folder/volume encryption and not for full disk encryption and are interested
in how anyone else is responding to the claims contained in the article.

 

Happy Holidays!

 

Bob Smith

AVP IITS & Information Security Officer

Longwood University

201 High Street

Farmville, Virginia 23901

www.longwood.edu/infosec

Attachment: smime.p7s
Description: